The Internal Revenue Service is warning tax professionals about a new scam in which cybercriminals obtain remote control of tax preparers’ computer systems, complete and file client tax returns, and redirect tax refunds to thieves’ accounts.    

The IRS said it knows of only a handful of cases to date, but warned the scam has the potential to impact the filing of fraudulent returns in advance of the April tax deadline and is yet another example of tax professionals being targeted by identity theft criminals.  

The IRS is urging all tax preparers to take the following steps:

  • Run a security “deep scan” to search for viruses and malware
  • Strengthen passwords for both computer access and software access; make sure your password is a minimum of 8 digits (more is better) with a mix of numbers, letters and special characters
  • Be alert for phishing scams: Do not click on links or open attachments from unknown senders
  • Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls
  • Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.

The IRS said tax professionals should also review Publication 4557, Safeguarding Taxpayer Data, A Guide for Your Business, which provides a checklist to help safeguard taxpayer information and enhance office security.

Register or login for access to this item and much more

All Accounting Today content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access